package com.example.lhh.shiro;

import com.example.lhh.jwt.LhhJwtFilter;
import com.example.lhh.shiro.cashe.RedisCacheManage;
import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import javax.servlet.Filter;
import java.util.LinkedHashMap;
import java.util.Map;


/**
 * shiro配置类
 */
@Slf4j
@Configuration
public class ShiroConfig {

    @Autowired
    private LhhRealm lhhRealm;
    @Autowired
    private LhhCredentialsMatch lhhCredentialsMatch;

    @Bean
    public DefaultWebSecurityManager getDefaultWebSecurityManager( ) {
        DefaultWebSecurityManager defaultWebSecurityManager = new DefaultWebSecurityManager();
        //密码验证
        lhhRealm.setCredentialsMatcher(lhhCredentialsMatch);
        defaultWebSecurityManager.setRealm(lhhRealm);
        return defaultWebSecurityManager;
    }

    @Bean
    public ShiroFilterFactoryBean getShiroFilterFactoryBean(DefaultWebSecurityManager securityManager,LhhJwtFilter lhhJwtFilter){
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        shiroFilterFactoryBean.setSecurityManager(securityManager);
        //自定义过滤器
        Map<String, Filter> filterMaps = new LinkedHashMap<>();
        filterMaps.put("jwt",lhhJwtFilter);
        shiroFilterFactoryBean.setFilters(filterMaps);
        Map<String, String> linkedHashMap = new LinkedHashMap<>();

        linkedHashMap.put("/lhhUser/test1","anon");//不需要认证
        linkedHashMap.put("/lhhUser/test2","authc");//需要认证
        linkedHashMap.put("/**","jwt");

        //没有验证通过，怎默认进入登录页面
        shiroFilterFactoryBean.setLoginUrl("/lhhUser/login");
        shiroFilterFactoryBean.setFilterChainDefinitionMap(linkedHashMap);
        return  shiroFilterFactoryBean;
    }

    @Bean
    LhhJwtFilter getFilter() {
        return new LhhJwtFilter();
    }

    /**
     * 开启权限注释
     * @param securityManager
     * @return
     */
    @Bean
    public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(DefaultWebSecurityManager securityManager) {
        AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();
        authorizationAttributeSourceAdvisor.setSecurityManager(securityManager);
        return authorizationAttributeSourceAdvisor;
    }

    @Bean
    public Realm getLhhRealm() {
        log.info("===========开启缓存机制===========");
        //开启缓存机制
        lhhRealm.setCacheManager(new RedisCacheManage());//缓存类型 使用redis作为缓存
        lhhRealm.setCachingEnabled(true);
        //认证缓存
        lhhRealm.setAuthenticationCachingEnabled(true);
        lhhRealm.setAuthenticationCacheName("authenticationCache");
        //授权缓存
        lhhRealm.setAuthorizationCachingEnabled(true);
        lhhRealm.setAuthorizationCacheName("authorizationCache");
        return lhhRealm;
    }
}
